[jira] [Comment Edited] (HDFS-6708) StorageType should be encoded in the block token

[Ewan Higgs (JIRA)]

    [ 
https://issues.apache.org/jira/browse/HDFS-6708?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15837893#comment-15837893
 ] 

Ewan Higgs edited comment on HDFS-6708 at 1/26/17 3:42 PM:
-----------------------------------------------------------

Hi all. I took this work over from Pieter. I've got some questions about how we 
want this to work.

First, if I understand correctly we want to check the token mainly in the 
DataXceiver, passing the token and the locally available StorageTypes whenever 
we call {{DataXceiver.checkAccess}} (which ends up calling 
{{BlockTokenSecretManager.checkAccess}}) for writes only (i.e. 
{{replaceBlock}}, {{transferBlock}}, {{writeBlock}} - and *not* 
{{blockChecksum}}, {{blockGroupChecksum}}, or {{requestShortCircuitFds}}). 

If we're only checking the storage type when we write data then we use the 
passed in {{StorageType}}. However, if we want to do this on reads as well, we 
need to gather the available {{StorageType[]}}. We can get the locally 
available storage types as follows:

{code}
  // only needed if we want to use StorageType for reads as well...
  private static StorageType[] getStorageTypes(DataNode datanode) {
    final FsDatasetSpi dataset =  datanode.getFSDataset();
    final FsDatasetSpi.FsVolumeReferences vols;
    vols = dataset.getFsVolumeReferences();

    List<StorageType> storageTypes = new ArrayList<StorageType>(vols.size());
    Iterator<FsVolumeSpi> iter = vols.iterator();
    while (iter.hasNext()) {
      FsVolumeSpi vol = iter.next();
      StorageType storageType = vol.getStorageType();
      if (storageType != null) {
        storageTypes.add(storageType);
      }
    }
    return storageTypes.toArray(new StorageType[0]);
  }
{code}

The resulting check uses the Token {{StorageType[]}} and compares it to the 
{{StorageType[]}} passed in by the Protobuf request operation. I think the 
rules should be as follows:

||{{Token StorageType[]}}||{{Node StorageType[]}}|| Result ||
|\* | null| Error|
|null | \* | Error|
| {{\[\]}} | {{\[\]}} | Not OK (maybe Error?) |
| {{\[DISK\]}} | {{\[DISK\]}} | OK |
| {{\[DISK\]}} | {{\[\]}} | Not OK | 
| {{\[SSD, DISK\]}} | {{\[DISK\]}} | Not OK|
| {{\[SSD, DISK\]}} | {{\[SSD, DISK\]}} | OK |
| {{\[\]}} | {{\[SSD, DISK\]}} | OK |


was (Author: ehiggs):
Hi all. I took this work over from Pieter. I've got some questions about how we 
want this to work.

First, if I understand correctly we want to check the token mainly in the 
DataXceiver, passing the token and the locally available StorageTypes whenever 
we call {{DataXceiver.checkAccess}} (which ends up calling 
{{BlockTokenSecretManager.checkAccess}}) for writes only (i.e. 
{{replaceBlock}}, {{transferBlock}}, {{writeBlock}} - and *not* 
{{blockChecksum}}, {{blockGroupChecksum}}, or {{requestShortCircuitFds}}). 

If we're only checking the storage type when we write data then we use the 
passed in {{StorageType}}. However, if we want to do this on reads as well, we 
need to gather the available {{StorageType[]}}. We can get the locally 
available storage types as follows:

{code}
  // only needed if we want to use StorageType for reads as well...
  private static StorageType[] getStorageTypes(DataNode datanode) {
    final FsDatasetSpi dataset =  datanode.getFSDataset();
    final FsDatasetSpi.FsVolumeReferences vols;
    vols = dataset.getFsVolumeReferences();

    List<StorageType> storageTypes = new ArrayList<StorageType>(vols.size());
    Iterator<FsVolumeSpi> iter = vols.iterator();
    while (iter.hasNext()) {
      FsVolumeSpi vol = iter.next();
      StorageType storageType = vol.getStorageType();
      if (storageType != null) {
        storageTypes.add(storageType);
      }
    }
    return storageTypes.toArray(new StorageType[0]);
  }
{code}

The resulting check uses the Token {{StorageType[]}} and compares it to the 
{{StorageType[]}} passed in by the Protobuf request operation. I think the 
rules should be as follows:

||{{Token StorageType[]}}||{{Node StorageType[]}}|| Result ||
|\* | null| Error|
|null | \* | Error|
| {{\[\]}} | {{\[\]}} | Not OK (maybe Error?) |
| {{\[DISK\]}} | {{\[DISK\]}} | OK |
| {{\[DISK\]}} | {{\[\]}} | Not OK | 
| {{\[SSD, DISK\]}} | {{\[DISK\]}} | Not OK|
| {{\[SSD, DISK\]}} | {{\[SSD, DISK\]}} | OK |
| {{\[\]}} | {{\[SSD, DISK\]}} | OK |

Finally, I found that {{TestBalancer#testBalancerWithKeytabs}} and 
{{TestMover#testMoverWithKeytabs}} fail because they create a cluster with 
{{\[DISK, ARCHIVE\]}} storage; set the StoragePolicy to {{COLD}} (which has no 
{{DISK}}) and then try to run the Balancer or Mover. This fails since the token 
has {{\[DISK\]}} as the {{StorageType}} and the request has {{\[ARCHIVE\]}}. 
Perhaps the token is stale. 

> StorageType should be encoded in the block token
> ------------------------------------------------
>
>                 Key: HDFS-6708
>                 URL: https://issues.apache.org/jira/browse/HDFS-6708
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: datanode, namenode
>    Affects Versions: 2.4.1
>            Reporter: Arpit Agarwal
>            Assignee: Ewan Higgs
>
> HDFS-6702 is adding support for file creation based on StorageType.
> The block token is used as a tamper-proof channel for communicating block 
> parameters from the NN to the DN during block creation. The StorageType 
> should be included in this block token.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org